The 2010 Winter Olympics may seem far away, but Vancouver officials are wasting no time in evaluating the potential for a terrorist attack. Historically, terrorist attacks were based on violent, disruptive tactics. However, 21st-century terrorists are using their technical savvy to stir up havoc.
That has officials (and hopefully the area’s retail community) questioning the vulnerability of the city’s wireless Internet system—and rightfully so.
Wireless airways have become a haven for hackers, mainly because they are readily available to anyone possessing a wireless handheld device or laptop computer outfitted with a WiFi card. While most users are harmlessly accessing wireless networks to check e-mails or surf the Web, there is a strong constituency of wrongdoers that could use a network to create devastation.
Clearly, crippling viruses are cause for alarm. However, they are only the tip of the iceberg. There is much higher trepidation that hackers could use networks to actually “open a dam and flood a town,” according to network security specialist O.J. Jonasson. “A concerted terrorist effort is a real concern,” he added.
That said, it is time for retailers to review and tighten contingency preparations surrounding their own internal networks.
Most companies are adding emergency plans to their daily business operations. These include collaborating with federal and public government agencies; working with vendors and suppliers to ensure product traceability; and backing up planning procedures, IT and communications systems in offsite locations.
Unfortunately, many companies may be forgetting about securing internal networks. The good news is this is easy to remedy.
Monthly or weekly tests surrounding internal and external encryption, firewalls and virtual private networking could make all the difference between thwarting a hack, or falling victim to one. But contingency plans need to go deeper.
An easy first step is for retailers to conduct analyses that might reveal vulnerabilities across critical pathways or weaknesses within their company’s entire infrastructure. The next logical step is to install intrusion-detection software on servers